FireEye discovers another iOS vulnerability


By Dylan Bushell-Embling
Thursday, 05 November, 2015


In what is rapidly becoming routine, security researchers have found another security flaw in Apple's iOS, uncovering potentially backdoored versions of an ad library capable of allowing malicious actors to spy on and manipulate affected devices.

FireEye announced that the affected versions of the ad library are used in thousands of iOS apps published on the Apple App Store. As of Wednesday the company had identified 2846 affected apps.

The research suggests that the potential backdoors could have been controlled from a remote server via the execution of JavaScript code.

This can potentially allow attackers to capture audio and screenshots, monitor device location, and read, delete, create and modify files in the app's data container, among other malicious activities.

FireEye said that while identifying data suggests the potentially backdoored ad library is a version of the mobiSage SDK, the latest version released by adSage does not contain these backdoors. It is therefore unclear whether the affected versions were released by adSage or a malicious third party.

FireEye has already informed Apple of its discoveries and has updated its Network Security and Mobile Threat Protection products to alert administrators if mobile devices using apps containing the affected ad server are identified.

News of the discovery comes days after exploit broker Zerodium revealed it had awarded a $1 million bounty to the developers of a method of remotely jailbreaking and compromising untethered iOS 9.1 and 9.2b devices. It also comes in the wake of a string of discoveries of potentially serious iOS malware.

Image courtesy of Faris Algosaibi under CC



  • All content Copyright © 2024 Westwick-Farrow Pty Ltd